Gartner Blog Network

Improving Your 2011 Security Bang for the Buck: Patching Depth and Breadth

by Neil MacDonald  |  January 4, 2011

I am back from the holidays and was responding to some comments on my previous blog post on antivirus technologies and the shift to endpoint protection platforms, where one of the readers had recommended disabling autorun on removable media as a quick win for information security. There are several things we can do in information security that immediately provide more “security bang for the buck”.

Top of the list for 2011: Patching breadth and depth.

Improve your patching depth by not just focusing on patching Windows and the base Microsoft applications. Patch all common desktop elements: Adobe, security agents, management agents, browsers (Firefox, Chrome, Safari), Skype, and perhaps even iTunes. If enough desktops run it, it will be targeted. On servers, extend to the web server, application server, database application, etc., if you haven’t already.

Improve your patching breadth by bringing the same level of process, metrics and discipline that we’ve had to develop out of necessity for Windows to other desktop, tablet and server OSs including Linux, Mac, Unix desktop and server. If you have a project to deploy iPads to part of your workforce, add iOS to the list.

Gartner research shows that 90% of successful attacks occur against previously known vulnerabilities for which a patch or secure configuration standard was already available. Let’s start 2011 by taking a closer look here. I’ll share some other ideas in the next few posts.
